View Full Version : Help with VPNC on N800
01-15-2007, 11:05 AM
I am new to the board and new to the Nokia tablets. I recently purchased a N800 and really need to get a cisco compatible VPN client running on it.
I have found VPNC through the MAEMO site, but am not familiar enough with Linux commands to get it up and running. So I have been using this guide:
I have been able to install VPNC, XTerm and DropBear. I was able to GetRoot on my device through Xterm, but I do not know how to copy my configuration file over. Can someone walk me through this?
Also, the guide says the configuration file should be *.conf The file from my work is *.pcf Will this work?
Any help that someone can provide would be greatly appreciated!
Thank you very much!
01-16-2007, 12:29 AM
I just installed it on my 800 yesterday.
As for the config, you'll want to get your *.pcf file from your existing client and convert it using the perl script from the vpnc (http://www.unix-ag.uni-kl.de/~massar/vpnc/)site. Grab the vpnc-0.3.3.tar.gz and extract pcf2vpnc. You'll need perl installed. On Windows you can get it from ActiveState (http://activestate.com) for free.
This will generate the vpn.conf by using a command similar to
perl pcf2vpnc vpn.pcf > vpn.conf
Connect your n800 to your PC and copy the file over to the SD card. Then, you'll want to open a terminal and copy it over to the right location.
(mmc1 is internal, mmc2 is external)
sudo su -
cp /media/mmc1/vpn.conf /etc/vpnc
and run it.
I just tested mine out tonight, however, our network requires a firewall to be installed that apparently isn't supported in vpnc yet. Version 0.3.3 is what I have on my Nokia.
01-16-2007, 01:08 AM
anyone get vpn working with pptp? My work/school has pptp/ipsec connection so I cant use it 8-10 hours out of my day :(
01-17-2007, 01:02 PM
I was able to connect to my companys network and and was ablt to use vpnc to connect to our vpn but for some reason browsing won't work, Am i missing something?
01-17-2007, 06:26 PM
You might need to adjust your routing table such as deleting your default route over wlan0.
01-17-2007, 10:29 PM
I will give that a try. thank you for your reply
01-18-2007, 12:10 PM
Thanks to those who have offered their help thusfar. Just an update....
I was able to install and launch VPNC, but now have a new problem:
vpnc: quick mode response rejected: INVALID_PAYLOAD_TYPE
this means the concentrator did not like what we had to offer.
Possible reasons are:
*concentrator firewall configured to require a firewall
this locks out even Cisco clients on any platform except windows
which is an obvious security improvement. There is no workaround (yet).
*concentrator configured to to require IP compression
this is not yet supported by vpnc.
Note: the Cisco concentrator Documentation recommends against using
compression, except on low-bandwidth (read: ISDN) links, because it uses much CPU-resources on the concentrator
I suspect my problem is in the first condition and am working with my company IS department on it. They will be installing a software update to the concentrator to allow non-windows based devices. I will try again when it is complete.
In the meantime, can someone please explain how to adjust the routing table in baby steps? I suspect this will be my next hurdle as I will be using a webmail client.
Your help is much appreciated.
01-18-2007, 02:29 PM
I have the same problem you're seeing with the INVALID_PAYLOAD_TYPE because it requires a firewall. That being said, I have't successfully connected through vpn.
You can show and manipulate your routing table by using the command 'route'. Manipulation will require root access.
Without being able to connect myself I probably won't be much help beyond that. Sounds like you have a bigger hurdle to overcome at the moment, though.
01-18-2007, 03:55 PM
when deleting routes do we need to remove all routes that were present before vpnc was started? Thanks for your help.
01-18-2007, 08:54 PM
In a strange turn of events, I found out our data networking group temporarily disabled the firewall restriction. Also, for what its worth if you have this restriction in place you may be able to get yourself added to a group that doesn't require a firewall when logging in. We have one for our Unix admins that use Linux for VPNing in. It all depends on who you know.
I was able to login to VPN and get to an internal website without any problems and without needing to delete any routes. If you want to get to an Internet website, you'll need to setup your proxy.
Here's what my routing table looks like with IPs removed.
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
xxx.xxx.xxx.xxx 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0
192.168.1.0 * 255.255.255.0 U 0 0 0 wlan0
default xxx.xxx.xxx.xxx 0.0.0.0 UG 0 0 0 tun0
01-19-2007, 11:40 AM
unfortunately i couldn't get to any internal web site either so iam guessing I will have to modify the routing table. Any help would be appreciated.
vBulletin® v3.8.7, Copyright ©2000-2013, vBulletin Solutions, Inc.